See this article in another language:
Basic concepts to better understand DNS
To better understand DNS or Domain Name System, you need to be familiar with the concept of domain and host. We don't mean domain model networks here. In fact, it's good that you are familiar with the domain name.
What is a domain?
In order to have a site, the first step is to register a domain. Domains in the world have different suffixes and have different meanings.
My domain can be any name, you can also register my domain name in Farsi, Chinese or any other language in the world; The only limitation that domains have is that you won't be able to register another person's domain under your name.
If you plan to register a domain globally, you need to pay an annual rental fee. But in local networks, you can register any domain you want with the desired extension without paying any commission.
In fact, if you do this, your domain will only be visible to devices connected to your network. In fact, your domain is created locally and no one in the world will be able to access it if it is not connected to your computer network.
Internationally and globally registered domains have standards. A globally registered domain must consist of two parts: domain name and extension.
For example, the same Mixseda domain. com from two sections of mixseda as domain name and section. com created as an extension. Domains can also have a prefix such as WWW.
Another problem is that you are not allowed to use any font to register your domain. For example, until now it is possible to register Persian domains for the site prefix that. they are not here.
When it comes to domains, we don't want to mention trivial topics like how to choose a domain. I'm going to familiarize you with the concept of domain.
What is Host?
If I want to thoroughly explain Hosts and types of hosts, it is easy to say that there are many materials in this field. Basically, host means hosting or hosting space.
To create a site, you will need some storage space and this storage space must also have features where you can place and run your site.
Indeed, in the real world, each physical server is split into several or even hundreds of hosts to provide the service. Hosts have different categories based on operating systems and software and the capacity they have.
For example, you may have seen a lot of ads on the Internet about renting Windows or Linux hosts. Also, some hosts are classified according to the application for which they were made.
For example, you can rent WordPress hosting to build a website; A WordPress host is a host specifically customized to host WordPress CMS.
Or you may come across download hosts in some cases, download hosts are not meant to have a web application on. These hosts provide you with space on the internet so that you can place your files and create a download link.
Of course, in the case of download hosts, some of them also have the ability to classify files and create more security. Let me explain better that some of these hosts have web applications to perform specific tasks.
A host is quite simply a storage space on your network that has a specific performance of the server that provides it. For example, if you've had a website before, you've certainly met the characteristics of a host.
For example, a host involves a certain amount of RAM and CPU of your server. Also, on the Internet, you may have restrictions on exchanging information about your host.
Now, assuming you have a host and a domain, the problem is how do you want to connect these hosts to your domain?
What is an FQDN?
FQDN stands for Fully Qualified Domain Name meaning a domain that is fully qualified. For example www. mixseda. com is considered an FQDN, or www.wordpress.org is considered an FQDN.
The FQDN itself consists of the following three parts:
- Hostname
- Subdomain
- Domain name
For example, in the FQDN of www.mixseda.com, the components of this FQDN are categorized as follows:
|
Domain name |
Subdomain |
Hostname |
|
mixseda |
www |
.com |
What is DNS?
DNS stands for Domain Name System, a service in computer networks whose job is to introduce you to other services.
Imagine that you have entered a large store; And you intend to search for a specific product. You may want to spend the whole day in the store looking for the item you want to find.
It is more logical to ask a salesperson or department manager in which section of the store the product you want is located. For that, you need to ask someone who has a lot of knowledge about that shop.
In computer networks, it is not possible to search the entire network for the desired service provider, so you need to ask a computer who has a lot of network knowledge to guide you.
In computer networks, this omniscient who knows almost everything about the computer network you are on; It's called DNS Server.
DNS has three important functions in computer networks. Next, I'll explain each of these tasks to you:
Convert FQDN to IP
The first task of a DNS server is to convert FQDN to IP. In fact, when you enter your browser mixseda. com as the URL, your computer does not know where to go to get the web service.
Because of this, your computer first asks for the DNS server you set up for it, which is mixseda. Which server does com belong to? And as a result of this query, DNS server sends some information to your computer.
For example, depending on the type of question your computer has asked a DNS server, it may receive different DNS responses. Or, for example, a DNS server might have several answers to some of your computer's questions.
In response to your question on the mixseda site. com The DNS server may return one or more IPv4 and IPv6 to you. These IP addresses are related to the desired site host.
At the next stage, your computer, having the IP address of the desired site, can make a request to the site server and receive information about the URL of the commenter.
If you have noticed, when you enter the following command in the Windows terminal (CMD), before the process of pinging and sending ICMP packets takes place, your computer first asks its DNS server to provide the IP address of the desired server. .
In the CEH course, you will learn about the structure of these requests in detail, and you do not need to know about them now. Also know that DNS servers don't know everything.
You can ask your DNS server a question, then this DNS server will also ask several other servers to get the desired answer. Or, if your DNS server is misconfigured, it may give you a wrong answer.
Convert IP to FQDN
In computer networks, especially local computer networks, some worker processes require the conversion of IP to FQDN.
In computer networks, a computer may need to find out the FQDN of other computers, in this case it can find out the FQDN of the computers using a series of requests from its DNS server using IP addresses.
Service Locator
The third task of a DNS server is to determine the location of network services in local networks. For example, if there is a print server on the network, it is preferable that this print server be defined for DNS.
Or, if you have a domain model network, you will definitely need a DNS server so that computers know which server to access to perform the authentication and authorization process.
If you have a Domain Model network with centralized management on a Microsoft operating system platform, when you want to create a Domain, the operating system itself will also install the DNS service.
The reason is that you will need at least one DNS server in your computer network to present the domain controller to other computers. Now, if you have other services in your network, DNS will help you introduce them to the computers in your network if needed.
Free DNS Servers
On the internet, you usually need a DNS server that converts FQDN to IP. For this, you may want to rent a server and set up DNS server on it, which will increase your cost and you need knowledge to set it up.
Or you can use a variety of services on the Internet that provide you with DNS service for free or not. One such very popular service provider that provides lots of features for free is cloudflare.
Website owners usually use this site as their DNS server. In general, the services that these companies provide to their customers increase the speed and security of sites because they specialize in DNS.
The best DNS providers
There are a number of DNS servers on the internet to provide DNS services to computers. Except for these things that we present to you here, every Internet Service Provider (ISP) in the world also uses their own DNS servers.
For example, users who get Internet from the telecommunications company in Iran are connected to the DNS servers of the telecommunications network by default.
In Bezeg networks you will surely have a DNS server for the clients so that you can handle DNS requests. You also respond to some requests however you like.
But in smaller networks sometimes a DNS server is not needed or the presence of a DNS server increases the network costs. For this reason, in the case of smaller networks, they use DNS servers that are actively present on the internet.
Try not to trust any company regarding DNS server, an inappropriate DNS server may cause problems in your network. For example, if the wrong DNS is selected, computers on the network may not be able to use a specific service on the Internet.
Also, choosing a suitable DNS server can affect the speed of your computers. Perhaps you've read articles about increasing Internet speed by choosing DNS. Of course, people who are gamers and engaged in online games are more familiar with this issue.
Google Public DNS
As you know, Google is one of the biggest companies that offers many services to its users. Google has many services, one of which is Google Public DNS.
In Iran, many computers use Google DNS. Google Public DNS is a free and fast DNS that most people are familiar with.
Also, this DNS server has high security, which has made many users use it. Many times when you contact your ISP about your internet problems, they will ask you to ping the Google Public DNS.
The reason is that no one expects the services provided by Google to be disrupted. To change your DNS to Google Public DNS, you need to enter the following values in the DNS Server section of your device:
|
Google Public DNS |
|||
|
Secondary IPv6 |
Primary IPv6 |
Secondary IPv4 |
Primary IPv4 |
|
2001:4860:4860::8844 |
2001:4860:4860::8888 |
8.8.4.4 |
8.8.8.8 |
Cloudflare
Cloudflare is one of the best known companies that provides DNS and CDN services to their customers. Of course, Cloudflare has a few other services, one of which is the VPN service.
Most of the people who have done website designing jobs or intend to provide services over the internet usually know about Cloudflare and use it to improve the quality of their work.
Cloudflare offers many features and services to customers for free, and from time to time, offers new services to customers who use it for free.
The major issue in using Cloudflare services is its high security. In fact, it can be said that this company is one of the companies that has a lot of capabilities in the field of security of their services.
Of course, unfortunately, some of this company's services cannot be used by Iranian filtering system for our country, but Cloudflare DNS is still one of the fastest DNS in Iran.
Most gamers know the DNS of this company and use it to play online. Also, when it comes to gaming, this DNS server offers special services to its users.
In order to use this popular DNS server, you need to set the following values on your device:
|
Cloudflare Public DNS |
|||
|
Secondary IPv6 |
Primary IPv6 |
Secondary IPv4 |
Primary IPv4 |
|
2606:4700:4700::1001 |
2606:4700:4700::1111 |
1.0.0.1 |
1.1.1.1 |
It goes without saying that this DNS is one of the most popular DNS in the world in terms of IP address. Apart from the high security it has in the field of service delivery, this company also has online support forums.
OpenDNS
OpenDNS is a subset of the Cisco brand. OpenDNS was founded in 2005 and, like Cloudflare, this company also offers many free and free services to its users.
One of the features of this DNS that at the beginning of the business many users used OpenDNS due to the same functionality, was that this DNS filters phishing sites by default.
Filtering phishing sites helps keep your business safe if your users are not computer savvy.
Setting up a DNS server with special features can be very difficult for a novice administrator, and providing security for this structure certainly requires high knowledge and skills.
OpenDNS DNS servers allow you to define specific filters for your DNS. Of course, defining these filters and setting up a dedicated DNS server can cost money.
In fact, you can have a filtering system for the sites you want in your business for a small fee. But OpenDNS DNS is free for smaller, less capable networks.
To be able to use these DNS, it is sufficient to define the IP address of the OpenDNS servers described below in the desired device:
|
OpenDNS Public DNS |
|||
|
Secondary IPv6 |
Primary IPv6 |
Secondary IPv4 |
Primary IPv4 |
|
35:119:2620::35 |
53:119:2620::53 |
208.67.220.220 |
208.67.222.222 |
Comodo Secure DNS
Comodo Group is a computer company specializing in security protocols to create greater security in computer networks. This company was founded in UK in 1998. The headquarters of this company is located in America.
Comodo Group offers many services and software packages, including VPNs, virus and malware scanners, and software used to increase network security.
Comodo Secure DNS is also one of the products of Comodo Group and currently these DNS servers can be said to be one of the largest and most powerful public DNS in the world.
In general, Comodo Group products are used for their focus on safety. Comodo Secure DNS, like other products from this company, focuses heavily on DNS security.
As for OpenDNS, as I explained above, OpenDNS blocks phishing sites by default, but Comodo Secure DNS goes further and detects not only phishing sites but malware sites as well.
One site can store user information or another site can add malicious code to your browser. Comodo Secure DNS detects these sites and warns you about them to be safer on the Internet.
Along with the high security of Comodo Secure DNS and the features that this DNS offers you, there are also problems with computers using Comodo Secure DNS.
In fact, due to the existence of certain levels of security that this product provides you more than other DNS, its performance also seems slower.
This company claims that they have provided special services for game consoles on their DNS servers, but unfortunately the quality of these servers is still not suitable for many online games.
Comodo Secure DNS IPv4
Primary: 8.26.56.26
secondary: 8.20.247.20
One of the problems that can be brought to this company is that on its official website there is no version 6 of the IP to be used to set up this DNS.
The Comodo Group itself suggests that you set up DNS servers on your home router and modems. But you can also set up these DNS on your computer.
Quad9 DNS
Quad9 DNS is a new server to provide hosting and DNS services. As a free and new DNS server, Quad9's capabilities are admirable, but its power is less than other popular DNS servers.
This DNS server has been operating since 2014, and among its capabilities, we can mention the detection of malicious sites. But surely Cloudflare and OpenDNS are much stronger and more efficient than Quad9 DNS.
In fact, Quad9 DNS does not offer you any special features. As far as security is concerned, it cannot be said to be any better than other public DNS. The only thing that can be mentioned is that this DNS detects infected sites for free. And it does not charge users for providing this feature.
However, in Iran, there are many people in this field who have not even heard this company's name, and they definitely don't use this company's DNS. Quad9 claims to be good for gaming, but experience has shown that this DNS cannot work well in this area.
To use this company's DNS, simply enter the following information into your computer or device:
|
Quad9 Public DNS |
|||
|
Secondary IPv6 |
Primary IPv6 |
Secondary IPv4 |
Primary IPv4 |
|
2620:fe::9 |
2620:fe::fe |
149.112.112.112 |
9.9.9.9 |
|
2620:fe::fe:10 |
2620:fe::10 |
149.112.112.10 |
9.9.9.10 |
|
2620:fe::fe:11 |
2620:fe::11 |
149.112.112.11 |
9.9.9.11 |
Except for the things I explained above, many DNS servers operate publicly on the Internet, which you can use depending on your needs.
In some cases, for games you can play using a VPN, choosing a suitable DNS server can eliminate the need for a VPN.
DNS Server Setup
There are several ways to change or set DNS server in different operating systems. The first problem is that you, as a network administrator or help desk, can change a computer's DNS servers.
Changing DNS on networks that you are not the administrator of could cause problems. In fact, you shouldn't have access to change DNS in networks you're not the administrator of.
So if you are an employee of a company and even if your knowledge is higher than the administrator of that network; The best thing is to go to the administrator of that company to change the DNS servers of your computer.
In large networks, DNS changes are not applied to computers on the network individually. Even in average networks, you may be dealing with thousands of computers, and changing and applying each setting on each of those computers takes a long time.
In networks, DNS settings are done through a set of policies in networks or DNS is set as an option by the DHCP server.
Of course, this can be different depending on the scenario you have in your network, you can define a set of scripts for the computers in your computer network that will change the DNS of the computers when this script is run.
There can be several methods of changing a computer's DNS based on its operating system, and it is a network administrator's art to choose the best one among them for her job.
Next, I'll tell you how to change your DNS server on different operating systems.
DNS settings in Windows
First, right-click on the network icon in the lower right corner of the screen and select Open Internet and network settings.
In the Network Status window that opens, select Change adapter options to display the Network Connections window.
Depending on your version of Windows, the Change adapter options option may look different from my screenshot. You can also access this window from the following path:
Control Panel\All Control Panel Items\Network Connections
There may have been changes in different versions of each operating system based on the graphical environment, that's why network administrators never open such windows through these paths.
As for the path above, it's best to do it through the RUN window. For this, just press the "Win+R" buttons to open the RUN window. Then enter the word "ncpa" in the box. cpl" and click ok.
In the Network Connections window, you may have different items depending on the connections you have created for your computer. Or, depending on the software and VPNs you install, you may see items in this window.
For example, if your computer has a wireless network card like mine, you'll likely see an entry with the Wi-Fi name or your device manufacturer's name in this window.
You can define different DNS servers for each of your computer's network connections. For this, simply right click on each of these connections and select the properties option.
As you can see, there is a security icon next to the properties option. This means that only members of the administrators group can select this option and access the Ethernet Status section. On the Ethernet Status page, you need to select the properties option.
By selecting the properties option, a window called Ethernet Properties will appear, where many settings related to each connection on this page are located.
If you want to specify a DNS server for your computer, you need to define the IP address of your DNS server for the computer. Now this IP address can be either IPv4 or IPv6.
If you want to define an IPv4 for connecting to the desired DNS server, you need to double click on the Internet Protocol Version 4 option in the Ethernet properties window.
And if you want to define an IPv6 for your desired DNS server connection, you need to double click the Internet Protocol Version 6 option in the Ethernet properties window.
In each of these sections, you can specify two DNS servers for each type of IP address. Your computer's DNS servers may be defined automatically, or you may want to define them manually.
To determine the DNS servers, you need to select the Use the following DNS server address option and enter the IP of the DNS servers under it. Then OK all open windows so that the changes are applied.
As for DNS servers, there are more settings for DNS that you will learn about in the future. Actually, about DNS, I didn't really understand DNS until I set up a DNS server.
Change DNS Server in Android
In Android operating systems, like all other operating systems, you can set the desired DNS server on your connection by installing a series of software.
But what we will explain in this article is the DNS setting within the settings that you will have on your phone. What I'm explaining here might be a little different than what's on your phone.
My goal of this article is to familiarize you more with DNS settings on different devices. And certainly, most of the devices existing in computer networks need DNS server to perform operations.
If you have any questions in doing the things I explain to you or you are having problems setting up DNS on your device, you can let us know through the comments section so that over time this article related to DNS server will be more complete.
In Android operating systems, based on the version of Android each phone uses and changes made by manufacturers to each system's firmware; The DNS change process might be a little different.
In Android operating systems you can select the Private DNS option by referring to the phone settings (Settings) in the Connection points (Connection and Sharing) section.
And in the Select Private DNS Mode section, choose Private DNS provider hostname. Then you can enter your DNS server in the created box.
Please note that the names of these parts may be slightly different depending on the version of Android and the operating system customized by the phone manufacturer. Also, these operations can only be performed on new Androids.
Furthermore, in Android operating systems, you can also change the DNS server of your Wi-Fi connection through a series of settings. For this, access the Wi-Fi connection section of your device and set the IP protocol settings (IP Settings) to Static from the Advanced connection section.
Pay attention to the fact that in some smartphones the Advanced option is shown with other names, for example the name of this section could be Details or About. And you can't make these settings until you connect your phone to a hotspot.
After entering the Network Details section, you can change the settings of each Wi-Fi connection by changing the IP setting from DHCP to Static or Manual. For example, you can change your IP address and your gateway in the network you are connected to.
Among the settings you can change are the DNS server settings.
Change DNS Server in Windows Phone
Of course, there are currently very few people using phones with the Windows Phone operating system. Microsoft itself does not support many of these mobile phones.
To change the DNS server in the Wi-Fi connection, you must first go to the Settings section from the Menu section.
Then enter the WiFi section from the network+wireless section and select the Static IP option at the bottom of the screen.
In the next step, you need to activate the settings related to Manually configure network settings and in the DNS section you can manually set the DNS server of the Wi-Fi connection.
The best DNS service providers
Since there are many public DNS on the Internet, there are also many companies whose DNS services you can use. If you also live in Iran, you better know that some of these companies boycott Iran and do not provide services to Iranian users.
Some other companies are also filtered in Iran based on the services they provide and if you want to use some of the services of these companies then you will face problems.
I will introduce you to the best DNS service providers in the future. These providers are best suited to people who intend to provide a service over the Internet.
For example, instead of wanting to set up a DNS server on the Internet, you can use the online services of these companies and service providers. Otherwise, you won't really need these servers.
Most of these companies that provide DNS services also have public DNS so that in addition to providing services, people can also use their own DNS servers on the Internet.